diff options
Diffstat (limited to 'nixpkgs/nixos/tests/pam/test_chfn.py')
-rw-r--r-- | nixpkgs/nixos/tests/pam/test_chfn.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/pam/test_chfn.py b/nixpkgs/nixos/tests/pam/test_chfn.py new file mode 100644 index 000000000000..3cfbb3908e9d --- /dev/null +++ b/nixpkgs/nixos/tests/pam/test_chfn.py @@ -0,0 +1,28 @@ +expected_lines = { + "account required pam_unix.so", + "account sufficient @@pam_krb5@@/lib/security/pam_krb5.so", + "auth [default=die success=done] @@pam_ccreds@@/lib/security/pam_ccreds.so action=validate use_first_pass", + "auth [default=ignore success=1 service_err=reset] @@pam_krb5@@/lib/security/pam_krb5.so use_first_pass", + "auth required pam_deny.so", + "auth sufficient @@pam_ccreds@@/lib/security/pam_ccreds.so action=store use_first_pass", + "auth sufficient pam_rootok.so", + "auth sufficient pam_unix.so likeauth try_first_pass", + "password sufficient @@pam_krb5@@/lib/security/pam_krb5.so use_first_pass", + "password sufficient pam_unix.so nullok yescrypt", + "session optional @@pam_krb5@@/lib/security/pam_krb5.so", + "session required pam_env.so conffile=/etc/pam/environment readenv=0", + "session required pam_unix.so", +} +actual_lines = set(machine.succeed("cat /etc/pam.d/chfn").splitlines()) + +stripped_lines = set([line.split("#")[0].rstrip() for line in actual_lines]) +missing_lines = expected_lines - stripped_lines +extra_lines = stripped_lines - expected_lines +non_functional_lines = set([line for line in extra_lines if line == ""]) +unexpected_functional_lines = extra_lines - non_functional_lines + +with subtest("All expected lines are in the file"): + assert not missing_lines, f"Missing lines: {missing_lines}" + +with subtest("All remaining lines are empty or comments"): + assert not unexpected_functional_lines, f"Unexpected lines: {unexpected_functional_lines}" |